Traditional gaming devices are based around a simple processor unit including a random number generator, an accounting means operatively coupled to a static/battery backed random access memory, and an EPROM having stored therein the important gaming functions. In addition, these gaming devices include gaming displays, coin acceptors, bill validators and hoppers operatively coupled to the simple processor. These gaming devices are relatively simple and limited in scope, usually consisting of a single executing program utilizing straight forward interrupt schemes and detection loops for asynchronous events for simple evaluation. It is also a simple matter of operatively coupling an external program validation device to the EPROM for providing effective regulatory validation of critical gaming functions to preclude unauthorized tampering or modification of the gaming machine through software. In addition, an external device validation process for suspicious jackpots or disputes may be validated by simply reading the static/battery backed random access memory associated with the simple processor. Furthermore, software developers in the gaming industry are hesitant to include compromising code in traditional gaming devices due to the ease of both internal and regulatory review.
Currently, most casinos protect their large jackpots by sealing the EPROM devices containing critical code for game functions with serialized tape, and validating the code contents against a standard after a large win.
Today's trend in gaming devices is towards an increasing utilization of personal computer based gaming platforms. Personal computer based platforms are being employed by designers to make use of real time operating systems which allow for multi-threaded/multi-tasking processes and the use of many "off the shelf" device drivers. While at first, this may seem an advantage, it is not a wise choice in an environment requiring high security and regulatory monitoring. Designs of this nature elude validation by regulatory authorities in two areas, initial laboratory evaluation and field validation. Any in depth review of a PC based gaming device is both difficult and far from definitive, requiring tremendous engineering resources and specialist in computer security which are expensive and normally available only on a consultant basis. Even if these resources were available, it is impossible to study the hundreds of thousands of lines of source code comprising all of the elements of such a system. In addition, the time involved in just learning how to build the executable code from the source for correlation is time and resource prohibited. The multi-threaded/multi-tasking process nature of the programs in these devices make it extremely difficult to locate any compromising code which becomes clandestine since the actual sequence of the execution is hidden to the evaluating engineer. Furthermore, the code set for a complex PC device may not be fully embraced by the evaluating engineer.
The significant reduction of risk for detection in compromising the more complex code is an invitation to inside compromise by device designers. Further, PC based devices are simply not field verifiable, rendering any gaming jurisdiction's device inspection program or any other field validation effort useless for this gaming equipment. For example, the device must be essentially disassembled so that all BIOS EPROMs and any other software located in peripheral devices may be inspected. If CD ROMs or disk drives are used, these must also be read and verified, requiring a significant amount of time. A thorough inspection program will, of necessity, be extended in scope to include hardware since the device must be searched for approved peripherals that may modify the source code execution and function of the game. Hardware inspections are not easily defined, requiring a high level of technical skill for field personnel. Even if this capability is provided, each inspection will be time intensive thereby significantly reducing the effectiveness of any inspection program.
Even with these efforts, validation will not be absolute. Regardless of the extent of the inspection, it is impossible to guarantee that an approved program is actually executing from dynamic RAM. Large jackpot validations by the casino are also out of the question for the same reason. This is a result of the fact that programs executing in dynamic RAM are self modifiable and extremely difficult to extract from an operating device. The dynamic RAM only exists in an active operating context; therefore it is impossible to be sure of an accurate program validation during an evaluation to resolve questionable operation or a patron dispute.
At a time when regulatory goals should be to enhance slot machine security to protect the integrity of gaming, the introduction of these types of devices is an antithesis. These devices are an invitation to highly technical and non-detectable compromise by experts. At first, it may seem restrictive to prevent this type of design by regulation. However, multi media capabilities which can be offered via today's high technology can provide a very marketable scheme to patrons, therefore, alternative designs must be considered to provide these features in a responsible manner.
Therefore, a need exists for an independent secured processor design for validation which would provide all key functions such as the determination of game outcome, monetary input, output, and logging of relevant events. Furthermore, a need exists for an open architecture design, for example, a personal computer based design of the gaming device which would provide all shell functions of presenting the game environment and thus providing a substantial entertainment component of the gaming device. Therefore, even though compromise is still possible at the shell level, evidence of what should have occurred is recoverable from the specially designed secured processor.